Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-12438

Опубликовано: 15 июн. 2018
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 1.9
CVSS3: 4.9

Описание

The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

precise/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not present
devel

not-affected

code not present
esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

code not present
focal

not-affected

code not present
groovy

not-affected

code not present
hirsute

not-affected

code not present

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not present
devel

not-affected

code not present
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

code not present
focal

not-affected

code not present
groovy

not-affected

code not present
hirsute

not-affected

code not present
impish

not-affected

code not present
jammy

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 24%
0.0008
Низкий

1.9 Low

CVSS2

4.9 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-12438

CVSS3: 4.9
nvd
больше 7 лет назад

The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

debian логотип

CVE-2018-12438

CVSS3: 4.9
debian
больше 7 лет назад

The Elliptic Curve Cryptography library (aka sunec or libsunec) allows ...

github логотип

GHSA-6xrq-423r-vrcg

CVSS3: 4.9
github
больше 3 лет назад

The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

EPSS

Процентиль: 24%
0.0008
Низкий

1.9 Low

CVSS2

4.9 Medium

CVSS3